$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/B4B9cVpzVtXRdvoS3ZtKnCSufKw.roa File: B4B9cVpzVtXRdvoS3ZtKnCSufKw.roa (raw, json) Hash identifier: ksENadU8oCmoaD5qecA3FIrPwqhYXY7c1/KdiUAuOQ0= Subject key identifier: 07:80:7D:71:5A:73:56:D5:D1:76:FA:12:DD:9B:4A:9C:24:AE:7C:AC Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E82 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/B4B9cVpzVtXRdvoS3ZtKnCSufKw.roa Signing time: Mon 10 Feb 2025 14:16:26 +0000 ROA not before: Mon 10 Feb 2025 14:16:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 1659 IP address blocks: 192.83.192.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:26:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3714 (0xe82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=07807D715A7356D5D176FA12DD9B4A9C24AE7CAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:30:10:8c:74:90:c1:6d:9f:b5:1a:df:62:56: a8:42:5d:83:1d:84:24:3b:04:25:a2:8d:8a:8b:21: cb:70:fc:e1:17:12:36:90:52:b1:fa:80:94:8b:79: d9:73:70:cc:16:09:be:aa:13:d2:7e:22:6d:a6:25: e9:c7:c5:d0:1a:c5:f5:71:47:bf:13:32:b5:9e:5c: 15:51:b7:d2:d5:6f:ac:8c:0f:2b:21:b3:8d:15:4f: 63:54:62:b0:57:69:c9:57:7b:22:22:6a:f1:c8:13: 48:32:eb:2a:47:01:2c:0b:ed:b4:60:95:f9:62:62: a6:d3:89:fb:b3:88:fa:fb:33:67:33:b8:9d:48:56: 84:dc:da:21:e3:45:f3:5a:3d:60:4f:0c:89:03:3a: 74:0a:c5:85:70:fe:7a:69:bf:3f:7e:63:a3:a8:d4: 44:83:4b:c2:e6:88:21:9f:25:de:25:80:23:ed:0c: 57:bf:24:25:b6:dc:6e:a3:e1:b2:7b:f7:e4:a5:c8: a8:f0:e8:7c:af:68:99:f7:00:9e:ee:01:fc:65:21: 1a:ab:cf:ee:30:94:22:ed:12:e7:10:b8:2f:c4:b2: 39:2a:d4:b3:ff:58:50:1b:db:49:6b:28:36:03:60: 3a:f3:11:bd:c9:41:7e:f9:7b:c4:f8:9b:3b:58:3b: 56:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:80:7D:71:5A:73:56:D5:D1:76:FA:12:DD:9B:4A:9C:24:AE:7C:AC X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/B4B9cVpzVtXRdvoS3ZtKnCSufKw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.83.192.0/22 Signature Algorithm: sha256WithRSAEncryption 58:51:b9:e1:1f:45:2c:5c:16:3d:92:9d:61:55:54:fa:bd:a4: 52:ca:ed:0f:97:5c:19:df:89:a8:bf:b2:cb:2a:6c:4f:89:3b: ca:ec:af:be:66:a2:c6:a6:df:6a:48:92:97:b3:c0:06:34:69: 6c:5e:a5:7b:04:a9:f0:b5:04:fa:a4:81:55:df:c5:f5:4b:ed: ac:51:30:8e:73:01:db:d0:9b:a2:6c:05:bb:d4:16:7b:55:62: 2f:91:23:0e:95:dc:81:0a:a7:36:68:ee:3d:13:3c:c9:b4:b6: 32:df:19:ed:21:45:58:f2:a3:55:f8:d4:2a:04:7f:2e:3f:34: 52:35:22:90:da:0d:bf:86:f3:52:ea:37:be:95:95:4b:3b:d9: 93:b7:15:a2:72:a1:ab:8d:e2:e7:90:35:09:cf:3a:c2:ac:b4: b2:70:de:44:c0:c3:64:97:d8:e9:26:79:d0:3e:7f:95:d7:11: 14:7f:75:9d:61:60:1f:46:d2:44:cd:02:23:9e:3f:99:ae:aa: bd:b4:f8:89:80:1e:b8:17:49:1e:95:4e:d5:33:3a:97:1a:1e: 25:c4:f9:ef:c1:db:08:4f:48:84:0e:9c:12:f4:b8:09:98:40: ff:f7:29:6e:4e:96:2b:e8:c4:fc:84:69:f0:c4:4f:0e:77:fd: 0a:1c:b2:36 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA3ODA3RDcxNUE3MzU2 RDVEMTc2RkExMkREOUI0QTlDMjRBRTdDQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/MBCMdJDBbZ+1Gt9iVqhCXYMdhCQ7BCWijYqLIctw/OEXEjaQ UrH6gJSLedlzcMwWCb6qE9J+Im2mJenHxdAaxfVxR78TMrWeXBVRt9LVb6yMDysh s40VT2NUYrBXaclXeyIiavHIE0gy6ypHASwL7bRglfliYqbTifuziPr7M2czuJ1I VoTc2iHjRfNaPWBPDIkDOnQKxYVw/nppvz9+Y6Oo1ESDS8LmiCGfJd4lgCPtDFe/ JCW23G6j4bJ79+SlyKjw6HyvaJn3AJ7uAfxlIRqrz+4wlCLtEucQuC/Esjkq1LP/ WFAb20lrKDYDYDrzEb3JQX75e8T4mztYO1b/AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUB4B9cVpzVtXRdvoS3ZtKnCSufKwwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9CNEI5Y1ZwelZ0WFJkdm9TM1p0 S25DU3VmS3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwFPA MA0GCSqGSIb3DQEBCwUAA4IBAQBYUbnhH0UsXBY9kp1hVVT6vaRSyu0Pl1wZ34mo v7LLKmxPiTvK7K++ZqLGpt9qSJKXs8AGNGlsXqV7BKnwtQT6pIFV38X1S+2sUTCO cwHb0JuibAW71BZ7VWIvkSMOldyBCqc2aO49EzzJtLYy3xntIUVY8qNV+NQqBH8u PzRSNSKQ2g2/hvNS6je+lZVLO9mTtxWicqGrjeLnkDUJzzrCrLSycN5EwMNkl9jp JnnQPn+V1xEUf3WdYWAfRtJEzQIjnj+Zrqq9tPiJgB64F0kelU7VMzqXGh4lxPnv wdsIT0iEDpwS9LgJmED/9yluTpYr6MT8hGnwxE8Od/0KHLI2 -----END CERTIFICATE-----Generated at Wed Feb 19 21:59:56 2025 by rpki-client